package com.lightjet.macross.base.gateway.config;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.lightjet.macross.common.dto.ResponseDTO;
import com.lightjet.macross.common.util.JwtUtil;
import com.lightjet.macross.common.util.RespUtil;
import io.netty.util.internal.StringUtil;
import lombok.extern.java.Log;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.MediaType;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import reactor.core.publisher.Mono;

/**
 * @author : lijia
 * @version : 1.0 2020-05-15 10:16
 * description : 路由控制安全配置
 */
@Configuration
@Log
public class RouteSecurityConfig implements WebFilter {
    /**
     * Process the Web request and (optionally) delegate to the next
     * {@code WebFilter} through the given {@link WebFilterChain}.
     *
     * @param serverWebExchange the current server exchange
     * @param webFilterChain    provides a way to delegate to the next filter
     * @return {@code Mono<Void>} to indicate when request processing is complete
     */
    @Override
    public Mono<Void> filter(ServerWebExchange serverWebExchange, WebFilterChain webFilterChain) {
        ServerHttpRequest request=  serverWebExchange.getRequest();
        if(request.getPath().value().startsWith("/route")){
            log.info("在RouteSecurityConfig中认证route 控制器调用相关请求："+ request.getPath());
            String admintoken =request.getHeaders().getFirst("admin-token");
            ServerHttpResponse response=serverWebExchange.getResponse();
            if(StringUtil.isNullOrEmpty(admintoken)){
                return setErrorResponse(response, RespUtil.CreateError("未携带管理令牌访问，拒绝请求！"));
            }
            else
            {
                log.info("正在解密admintoken");
                if(JwtUtil.verify(admintoken,"802sastcasc!"))
                {
                    log.info("认证成功！");
                    return webFilterChain.filter(serverWebExchange);
                }
                else
                {
                    return setErrorResponse(response, RespUtil.CreateError("所携带管理令牌过期或不正确，拒绝请求！"));
                }

            }


        }
        else
        {
            return webFilterChain.filter(serverWebExchange);
        }

    }

    protected Mono<Void> setErrorResponse(ServerHttpResponse response, ResponseDTO result ){
        response.getHeaders().setContentType(MediaType.APPLICATION_JSON);
        try {
            return response.writeWith(Mono.just(response.bufferFactory().wrap(new ObjectMapper().writeValueAsBytes(result))));
        } catch (JsonProcessingException e) {
            e.printStackTrace();
            return response.writeWith(Mono.just(response.bufferFactory().wrap("无权限".getBytes())));
        }

    }
}
